SPF (Sender Policy Framework)
SPF (Sender Policy Framework) is an email-authentication standard that lets a domain owner publish, in DNS, the list of mail servers allowed to send email on the domain's behalf. Receiving servers check the sending IP against that list to help detect spoofing and decide whether to trust the message.
How it works
You publish a TXT record (e.g. v=spf1 include:_spf.google.com ~all) listing authorized senders. The receiver compares the envelope-from domain's SPF record against the connecting IP and passes, soft-fails or fails the check.
Why it matters
SPF is one of the three signals (with DKIM and DMARC) that mailbox providers use to trust your mail. A missing or misconfigured SPF record drags deliverability and lets others spoof your domain.
How Autocloz handles it
Autocloz checks SPF (alongside DKIM and DMARC) on every connected sending domain and flags records that are missing, too permissive, or exceed the 10-DNS-lookup limit before they hurt a campaign.
FAQ
What does ~all vs -all mean in SPF?
~all is a soft fail (accept but mark) for unlisted senders; -all is a hard fail (reject). Most senders use ~all until DMARC reporting confirms all legitimate sources are listed, then tighten to -all.
Is SPF enough on its own?
No. SPF breaks on forwarding and doesn't cover the visible From header. Pair it with DKIM and a DMARC policy for real protection and deliverability.
Related terms
Cold email deliverability is the share of your outbound cold emails that actually reach the recipient's inbox (not spam, not blocked). It depends on domain authentication (SPF, DKIM, DMARC), sender reputation, mailbox warmup, list hygiene and content — not just whether the email was 'sent'.
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email standard that tells receiving mail servers what to do with messages that fail SPF or DKIM checks — and sends you reports. It prevents spoofing of your domain and is now effectively required by Gmail and Yahoo for bulk senders.
DKIM (DomainKeys Identified Mail) is an email-authentication method that attaches a cryptographic signature to each message. The receiving server verifies the signature against a public key in the sender's DNS, proving the message wasn't altered in transit and genuinely came from the signing domain.
Mailbox warmup is the practice of gradually increasing a new email account's sending volume while generating positive engagement (opens, replies, moving mail out of spam) so mailbox providers build trust in the sender before real campaigns ramp up.